The Discussion

Anyways. How do we know the NSA does not have backdoors into the new encryption system that will ship with Vista?

It's safer to assume there is a backdoor than to say there is not. So you guys have to prove that there is no way mathematically to use backdoors. Like, why not use one-time pad encryption on each file? Or some mathematical function where there are more than 3 unknowns to solve for to decrypt.

By the way, what is the encryption algorithm used for encryption in Vista?

What I gather is that maybe you guys will not install or make the backdoors. But you guys will tell governments the vulnerabilities or the weak points that BitLocker has, and then governments could then develop their own ways to decrypt a file. It goes back to my question: why doesn't BitLocker employ a really good unbreakable encryption algorithm, so no one but the person who owns the PC would be able to read it? This is similar to TrueCrypt in some way.

OK, how about you design that 'unbreakable' encryption algorithm, and then they'll use it. The algorithm they use could take billions of years to break on today's hardware - that's good enough for me.

Shark_M wrote:

So for most people, what is the point of having BitLocker to begin with if the system has vulnerabilities that hackers as well as governmental agencies would be able to utilize to break the encryption? Just making their job a little harder?

What vulnerabilities?

Shark_M wrote:

Another question: how would this impact anti-virus software? Would this hinder the scanning process to the point that it might take a whole day to scan your hard drives?

Why would it? If you have the keys, decryption doesn't take all that long.

Shark_M wrote:

I mean, it's nice and all to have all my files encrypted so that if someone steals my PC or laptop my data cannot be read. It's a step in the right direction in terms of privacy. But this is a sword with two edges, if you will. You can give people a false sense of security or privacy when the system used has weak points from which interested parties would be able to break the encryption.

Every encryption technique has weak points. It's only a matter of time and resources. The goal of encryption is to make the cost of breaking the encryption far exceed the value of the data you want to recover.

Generally, the best algorithms are ones that are publicly available and easily auditable, such as AES, which BitLocker uses (and is one of the choices for TrueCrypt).

Every encryption technique has weak points. It's only a matter of time and resources. The goal of encryption is to make the cost of breaking the encryption far exceed the value of the data you want to recover.

Generally, the best algorithms are ones that are publicly available and easily auditable, such as AES, which BitLocker uses (and is one of the choices for TrueCrypt).

With one-time pads, even if you have all the resources in the world you cannot break it. Because it's statistically not possible and mathematically not possible.

OK, how about you design that 'unbreakable' encryption algorithm, and then they'll use it. The algorithm they use could take billions of years to break on today's hardware - that's good enough for me.

One-Time Pad (OTP) cryptosystem.

cain wrote:

What vulnerabilities?

Side-channel attacks, XSL attack, cache timing attack, + others

There are perfectly secure crypto systems there that use symmetric encryption. It's called one-time pads. So you can generate a random pad, and use it to encrypt the files you have, and store this pad somewhere in a flash drive and keep using it since it's only you. Each system would then be encrypted differently than any other system. If a hacker successfully decrypted user A's computer in Vista, then using the same ways they can't decrypt user B's.

There would be some technical issues that need to be solved, but if they want to they can iron them out.

Though AES encryption with long keys is good, it's still not 100% secure, and machines are gaining more power hardware-wise, and there are already super computers out there, like the quantum-factorization engines and others that have dictionaries full of random keys ready to be tried out by the powers that be.

So though it's nice, it will only stop the average Joe, not the experts. The average Joe or snoops out there would not want anything with us.

Let's face it, in this day and age, privacy is meaningless. We are all guilty and as such are to be monitored like little kids by big brother, until proven innocent through monitoring. The presumption that all people are good that used to be the predominant thing has changed. That is what they mean when governments want to be able to see what you're doing and what files you have in your computers.

Since the average hacker out there would not target user X per se, it's safe to assume that your files are safe. But with government agencies, they want to know what each citizen is doing, and that is why I say privacy is a relative term nowadays, and in all practicality it's meaningless.

I would have wished that MS would use a really hard to break crypto system that is mathematically sound, like the ones where you have to solve for 3 unknowns or one-time pads.

Anyways, it's not like we have something to hide, do we? That's what big-brother would say :P
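
An added illustration of the one-time pad scheme discussed in the posts above (not code from any poster): the "cannot be broken" property holds only while the pad is random, at least as long as the data, and used once. The two sample files are constructed.

```python
import secrets

def otp_xor(data: bytes, pad: bytes) -> bytes:
    """XOR data with the pad. The same call encrypts and decrypts."""
    if len(pad) < len(data):
        # A pad for a whole volume must be as large as the volume itself.
        raise ValueError("pad must be at least as long as the data")
    return bytes(d ^ p for d, p in zip(data, pad))

def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The pad under which `ciphertext` would decrypt to `candidate`.

    Such a pad exists for every candidate of the same length, which is why
    a ciphertext made with a fresh random pad says nothing about the plaintext.
    """
    return otp_xor(ciphertext, candidate)

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts made with the same pad.

    The pad cancels out and what remains is plaintext1 XOR plaintext2,
    so the guarantee is lost as soon as a pad is used a second time.
    """
    return otp_xor(c1, c2)

# Constructed sample data: two equal-length "files".
FILE_A = b"payroll: alice 52000"
FILE_B = b"payroll: bob   48000"

def demo() -> dict:
    pad = secrets.token_bytes(len(FILE_A))
    c_a = otp_xor(FILE_A, pad)
    c_b = otp_xor(FILE_B, pad)  # same pad used again
    leak = reuse_leak(c_a, c_b)
    return {
        "round_trip": otp_xor(c_a, pad) == FILE_A,
        "alternative_plaintext": otp_xor(c_a, pad_explaining(c_a, FILE_B)),
        "leak_is_xor_of_plaintexts": leak == otp_xor(FILE_A, FILE_B),
        # Zero bytes mark positions where both files hold the same byte.
        "identical_positions": [i for i, b in enumerate(leak) if b == 0],
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```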

What I gather is that maybe you guys will not install or make the backdoors. But you guys will tell governments the vulnerabilities or the weak points that BitLocker has, and then governments could then develop their own ways to decrypt a file. It goes back to my question: why doesn't BitLocker employ a really good unbreakable encryption algorithm, so no one but the person who owns the PC would be able to read it? This is similar to TrueCrypt in some way.

So for most people, what is the point of having BitLocker to begin with if the system has vulnerabilities that hackers as well as governmental agencies would be able to utilize to break the encryption? Just making their job a little harder?

Another question: how would this impact anti-virus software? Would this hinder the scanning process to the point that it might take a whole day to scan your hard drives?

I mean, it's nice and all to have all my files encrypted so that if someone steals my PC or laptop my data cannot be read. It's a step in the right direction in terms of privacy. But this is a sword with two edges, if you will. You can give people a false sense of security or privacy when the system used has weak points from which interested parties would be able to break the encryption.

If you use BitLocker with the TPM, an attacker would have to compromise the system without destroying the TPM or changing the system metrics the TPM uses. Accomplishing this on one system does not allow you to compromise subsequent systems as the metrics are different.
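
A simplified model of the TPM behaviour this reply describes, added here as an illustration and not BitLocker or TPM vendor code: boot measurements are folded into a platform configuration register (PCR) with the TPM 1.2 extend operation, and a key sealed to that value is released only by the same chip in the same measured state. The `ToyTPM` class, its per-chip secret, its toy key wrapping and the boot component names are assumptions made for the sketch.

```python
import hashlib
import hmac
import secrets

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend: PCR_new = SHA1(PCR_old || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def measure_boot(components) -> bytes:
    """Fold each boot component, in order, into a PCR that starts at zero."""
    pcr = bytes(20)
    for component in components:
        pcr = extend(pcr, component)
    return pcr

class ToyTPM:
    """Hypothetical stand-in for one TPM chip; the secret never leaves it."""

    def __init__(self):
        self._chip_secret = secrets.token_bytes(32)

    def _mask(self, pcr: bytes) -> bytes:
        # Toy key wrapping for the sketch only, not how a real TPM encrypts.
        return hmac.new(self._chip_secret, b"wrap" + pcr, hashlib.sha256).digest()

    def _tag(self, pcr: bytes, blob: bytes) -> bytes:
        return hmac.new(self._chip_secret, b"bind" + pcr + blob, hashlib.sha256).digest()

    def seal(self, key: bytes, pcr: bytes):
        """Bind `key` (up to 32 bytes) to this chip and to the given PCR value."""
        if len(key) > 32:
            raise ValueError("toy wrapping handles keys up to 32 bytes")
        blob = bytes(k ^ m for k, m in zip(key, self._mask(pcr)))
        return blob, self._tag(pcr, blob)

    def unseal(self, sealed, current_pcr: bytes):
        """Return the key only if chip and current PCR match the sealed state."""
        blob, tag = sealed
        if not hmac.compare_digest(tag, self._tag(current_pcr, blob)):
            return None
        return bytes(b ^ m for b, m in zip(blob, self._mask(current_pcr)))

# Constructed boot chain; real measurements are hashes of firmware and boot code.
GOOD_BOOT = [b"firmware v1", b"boot sector", b"boot manager"]
TAMPERED_BOOT = [b"firmware v1", b"patched boot sector", b"boot manager"]
```

Sealing a volume key on one `ToyTPM` against `measure_boot(GOOD_BOOT)` and calling `unseal` with the tampered measurement, or on a second `ToyTPM` instance, returns `None` in both cases.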

If you use BitLocker with the TPM, an attacker would have to compromise the system without destroying the TPM or changing the system metrics the TPM uses. Accomplishing this on one system does not allow you to compromise subsequent systems as the metrics are different.

Can you give examples as to these metrics? Does it use unique things in a typical Vista OS with default values? Like SIDs, HD serial #s and the like?

So if you have 4 Dell machines that are identical on everything, you would not be able to compromise the other 3 if you managed to do it on the first one?

But why not? I mean, if you managed to break 1, what prevents you from doing the same process to the other 3? See, this is what I don't like. I wanted no one to be able to break the first one, and in addition to this, each computer's implementation would depend on unique values in the hardware that are unique to each PC.

Also, why can't we get a choice as to different encryption methods from a drop-down menu in Vista? Why only use AES?

Edit: If you have multiple accounts in Vista, each account has some protected files. Does BitLocker make each account encrypted with a different key than other accounts, so if you're in a public portal or a university library your data in your account would be encrypted with a key you choose that is different from others? Or is there a key used for all files in a given Vista installation for the whole PC? So is there a per-user capability?

If you have multiple accounts in Vista, each account has some protected files. Does BitLocker make each account encrypted with a different key than other accounts, so if you're in a public portal or a university library your data in your account would be encrypted with a key you choose that is different from others? Or is there a key used for all files in a given Vista installation for the whole PC? So is there a per-user capability?

BitLocker encrypts the entire volume, locking all users out of the system. For account-level encryption, you would use Encrypting File System (EFS - available since Windows 2000). Both can be used simultaneously. You'd also use EFS for encrypting data on non-system volumes -- the server version of BitLocker will also be able to encrypt data volumes (using different keys for the data volumes).

The more encryption algorithms BitLocker supports, the wider the test matrix and scenarios MS would need to support. It's best that they get the feature right in v1, then worry about adding support for other algorithms and scenarios in future versions.

What I gather is that maybe you guys will not install or make the backdoors. But you guys will tell governments the vulnerabilities or the weak points that BitLocker has, and then governments could then develop their own ways to decrypt a file. It goes back to my question: why doesn't BitLocker employ a really good unbreakable encryption algorithm, so no one but the person who owns the PC would be able to read it? This is similar to TrueCrypt in some way.

It sounds like there is another use for BitLocker... to replace apps like LoJack. Does/can BitLocker email IP info to the user? Let's say the laptop gets stolen, and then gets put online (excluding wiping the OS); will the machine notify the user of its location via IP?

I know it is not foolproof, TOR etc., but TOR can throw LoJack off too.